Improvement: AI editing chat enhancements with allowed tools UI and strict tool restrictions #299

Merged
breaking-brake merged 2 commits into main (breaking-brake/cc-wf-studio:main) from improvement/allowed-tools-ui (breaking-brake/cc-wf-studio:improvement/allowed-tools-ui)
Dec 20, 2025
@breaking-brake
Owner

Problem

AI editing chat had several issues that affected user experience and safety:

  1. No tool restriction control: Users could not control which Claude Code CLI tools the AI could use
  2. Inconsistent AI responses: AI sometimes responded in plain text instead of structured JSON for clarifications
  3. Incomplete clarification messages: Only partial messages were displayed when AI asked for clarification
  4. Dropdown UX issue: Tool selection dropdown closed after each click, requiring reopening for each tool
  5. Unreliable pattern matching: English-only regex patterns failed to detect Japanese clarifications

Solution

Part 1: Allowed Tools UI (#335700e)

Added a comprehensive UI for managing allowed Claude Code CLI tools:

  • Settings dropdown with "Allowed Tools" submenu
  • Checkbox selection for all 18 official Claude Code CLI tools
  • Default selection: Read, Grep, Glob, WebSearch, WebFetch (read-only tools)
  • Visual warning for AskUserQuestion (⚠️ Not recommended)
  • localStorage persistence across sessions

Part 2: Prompt & Tool Restrictions (#d44d7c7)

Enhanced prompt engineering and enforced strict tool restrictions:

Prompt Improvements:

  • Added critical rules to enforce structured JSON output for clarifications
  • Rules: "If you need clarification, use { status: 'clarification', message: '...' } format"
  • Rules: "NEVER ask questions in plain text - use clarification JSON format"

Strict Tool Restrictions:

  • Use both --tools and --allowed-tools flags simultaneously
  • --tools: Whitelist restriction (only these tools available, blocks others completely)
  • --allowed-tools: No permission prompt for these tools
  • Prevents AI from using non-selected tools like AskUserQuestion

Code Cleanup:

  • Removed legacy English-only pattern matching functions (isClarificationMessage, extractClarificationMessage)
  • Simplified clarification handling to rely on structured JSON only

UX Improvements:

  • Fixed dropdown menu to stay open for continuous tool selection (changed from onCheckedChange to onSelect with event.preventDefault())
  • Fixed clarification message display to show complete content
  • Added TodoWrite to default allowed tools for progress tracking (safe, read-only)

Changes

Modified Files (6 files)

  1. src/extension/services/claude-code-service.ts

    • Added --tools flag alongside --allowed-tools for strict whitelist restriction
  2. src/extension/services/refinement-prompt-builder.ts

    • Added critical rules to enforce structured JSON output for clarifications
  3. src/extension/services/refinement-service.ts

    • Removed legacy pattern matching functions (44 lines deleted)
    • Simplified clarification handling
  4. src/webview/src/components/chat/SettingsDropdown.tsx

    • Added Allowed Tools submenu with checkbox items
    • Changed event handler to prevent menu closing
    • Added visual warning for AskUserQuestion
  5. src/webview/src/components/dialogs/RefinementChatPanel.tsx

    • Fixed clarification message display logic
    • Always use complete clarification message from result.payload
  6. src/webview/src/stores/refinement-store.ts

    • Added AVAILABLE_TOOLS array (18 tools)
    • Added DEFAULT_ALLOWED_TOOLS array (6 tools including TodoWrite)
    • Added state management for allowedTools with localStorage persistence

Impact

User Experience:

  • ✅ Users can control which tools AI uses
  • ✅ Continuous tool selection without reopening dropdown
  • ✅ Complete clarification messages displayed
  • ✅ More predictable AI behavior with structured JSON responses
  • ✅ Progress tracking with TodoWrite enabled by default

Security:

  • ✅ Strict tool restrictions prevent unintended tool usage
  • ✅ Default selection is read-only tools only
  • ✅ Visual warnings for potentially problematic tools

Code Quality:

  • ✅ 95 lines deleted (legacy pattern matching removed)
  • ✅ Simplified codebase with cleaner clarification handling
  • ✅ More maintainable with structured JSON approach

Testing

  • Manual E2E testing completed
    • Tool selection UI works correctly
    • Dropdown stays open for continuous selection
    • localStorage persistence verified
    • AI respects allowed tools restrictions (AskUserQuestion blocked)
    • Complete clarification messages displayed
    • Japanese clarifications work with structured JSON
    • Code quality checks passed (format, lint, check, build)

Notes

  • AskUserQuestion requires interactive dialog support which is not implemented, hence marked as "Not recommended"
  • TodoWrite is safe to enable by default (session-only, no file system writes)
  • Task tool remains disabled by default due to unpredictable subagent behavior
  • NotebookEdit remains disabled by default (write operation on .ipynb files)
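
As an added illustration (not code from this PR or from the cc-wf-studio project), one way to vet a persisted tool selection before it reaches the two CLI flags described under "Strict Tool Restrictions". `KNOWN_TOOLS`, `loadAllowedTools` and `buildToolArgs` are hypothetical names, the tool list holds only the names mentioned in this PR, and the comma-separated flag value is an assumption.

```typescript
// Added example, not the project's code. Tool names are only those named in
// this PR; the project's AVAILABLE_TOOLS (18 entries) is not listed on the page.
const KNOWN_TOOLS: readonly string[] = [
  "Read", "Grep", "Glob", "WebSearch", "WebFetch",
  "TodoWrite", "AskUserQuestion", "Task", "NotebookEdit",
];
const DEFAULT_ALLOWED_TOOLS: readonly string[] = [
  "Read", "Grep", "Glob", "WebSearch", "WebFetch", "TodoWrite",
];

// Constructed sample of a persisted value: unknown name, flag-like string,
// duplicate and a non-string entry mixed in with two valid tools.
const SAMPLE_PERSISTED = '["Grep","NotARealTool","--example-flag","Read","Read",42]';

// Hypothetical helper. Persisted state (e.g. localStorage) is untrusted input:
// it can be stale, malformed or edited, so only exact known names survive.
function loadAllowedTools(raw: string | null): string[] {
  if (raw === null) return DEFAULT_ALLOWED_TOOLS.slice();
  let parsed: unknown = null;
  try {
    parsed = JSON.parse(raw);
  } catch {
    return DEFAULT_ALLOWED_TOOLS.slice();
  }
  if (!Array.isArray(parsed)) return DEFAULT_ALLOWED_TOOLS.slice();
  const requested = parsed.filter((v): v is string => typeof v === "string");
  // Iterating the known list de-duplicates and gives a stable order.
  return KNOWN_TOOLS.filter((name) => requested.indexOf(name) !== -1);
}

// Hypothetical helper: argv entries for the two flags named in the PR.
// Assumption: each flag takes one comma-separated value.
function buildToolArgs(tools: readonly string[]): string[] {
  const vetted = KNOWN_TOOLS.filter((name) => tools.indexOf(name) !== -1);
  if (vetted.length === 0) {
    // Assumption: omitting the flags would lift the restriction, so fail closed.
    throw new Error("no allowed tools selected");
  }
  const value = vetted.join(",");
  // Separate argv elements for a spawn-style API, never a concatenated shell string.
  return ["--tools", value, "--allowed-tools", value];
}
```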

- Added "Allowed Tools" menu to Settings dropdown with all 18 Claude Code CLI tools
- Default selection: Read, Grep, Glob, WebSearch, WebFetch (read-only for security)
- Settings persist to localStorage
- Tools passed to CLI via --allowed-tools flag
- Menu stays open for multiple selections
…ict tool restrictions

- Enforce structured JSON output for AI clarifications in prompts
- Fix clarification message display to show complete content
- Remove legacy English-only pattern matching functions
- Add --tools flag with --allowed-tools for strict whitelist restriction
- Fix dropdown menu to stay open for continuous tool selection
- Add TodoWrite to default allowed tools for progress tracking
@breaking-brake breaking-brake merged commit d72f241 into main Dec 20, 2025
3 checks passed
@breaking-brake breaking-brake deleted the improvement/allowed-tools-ui branch December 20, 2025 14:08
@breaking-brake breaking-brake mentioned this pull request Dec 20, 2025
github-actions Bot added a commit that referenced this pull request Dec 20, 2025
## [3.8.4](v3.8.3...v3.8.4) (2025-12-20)

### Improvements

* add tool execution loading animation in AI chat ([#298](#298)) ([5615efe](5615efe))
* AI editing chat enhancements with allowed tools UI and strict tool restrictions ([#299](#299)) ([d72f241](d72f241))
* implement TOON format for AI prompts to reduce token consumption ([#297](#297)) ([64fe228](64fe228))
@github-actions
Contributor

🎉 This PR is included in version 3.8.4 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀
